About the Company
Arcules is changing the video surveillance market and moving customers to a smarter, more reliable cloud-based solution. Our company is a technology spin out of Canon Inc. and has seed technology from the Milestone video surveillance division. We are targeting mid-market enterprises looking to interconnect their business locations. Our technology brings video and smart building elements together and our analytics help customers make more informed decisions. Our go-to-market strategy leverages systems integration companies to get our solutions to end customers.
Arcules offers excellent benefits, including top-tier PPO and HMO medical plans, four weeks of vacation, three weeks of sick leave, 401(k) plan after three months of employment (4% company match), an on-site gym and game pavilion, an awesome work environment and more.
Overview of the Job
As an Information Security & Compliance Analyst, you will work in a cross-functional team environment with a variety of team members including Product, Finance, Marketing and more. You will be part of the Arcules Information Security Program Office (AISPO) and participate in all aspects of managing client and vendor risk assessments and ensuring compliance with client contractual, regulatory and legal security requirements. You will help execute sound risk management processes and technical controls to meet customer needs, satisfy external audit requirements and address internal security objectives.
- Implement and maintain policies, processes and controls to raise the overall security and compliance posture of Arcules Information Security Program, including reporting on, planning and tracking remediations/mitigation plans.
- As directed, drive risk analysis and operate controls and help implement industry best practices for teams across the organization.
- Engagement with Arcules team members in detailed research and analysis of technical and process centric requirements in support of new initiatives, continuous improvement, and remediation efforts as related to security and risk management initiatives.
- Drive documentation of processes, risks and controls.
- Coordinate with stakeholders to ensure all policy exceptions/risk acceptances are managed in accordance to Arcules Information Security policies and standards
- Other duties as assigned
- Bachelor’s degree (Masters preferred) in business administration, computer science, information technology, law or legal studies, or a related field of study, or equivalent experience.
- Experience with at least one industry-standard risk/control framework: AICPA SOC 2, CIS Top 20, COSO, NIST, CSA, etc.
- Knowledge and experience with information security standards, rules and regulations related to information security and data confidentiality: APPI, GDPR, CCPA, etc
- Familiarity with at least one of the industry authoritative sources such as NIST, SOC2, ISO27001, COBIT or CCPA standards
- Familiarity of cloud based security framework such as CSA Star or HITRUST CSF desirable
- 2+ years of experience working in the technology risk and compliance field
- Experience working in or with a technology organization is preferred
- Good understanding of key information security concepts
- Being Awesome!